network monitoring software??

Posted on 2006-03-30
Last Modified: 2012-05-05
im not really sure if this type of software exists, but here is my plight.

im the "network administrator" (fresh out of college tech kid), at a medium sized company.

people on my network are going to questionable websites all the time(streaming video + radio), and using software that is not fit for the workplace(limewire + messaging clients). anyway the higher ups want me to be able to monitor and block what users on the network are doing. im assuming i need url blocking, and port blocking, plus a network usage monitor for each client on the network....

my setup is.....

win2003 domain controller ethernet to about 50 stations running xp pro.

what solution is best for me?

thanks in advance
Question by:ccurcio
    LVL 7

    Accepted Solution

    use Proxy

    search for Microsoft ISA or WinProxy
    LVL 2

    Assisted Solution

    You have a few options.

    As previously mentioned, a proxy server and/or Application-based firewall such as MS ISA Server would suffice your needs.

    Also Websense ( will do the job quite well.

    There are a plethora of hardware (and software) devices out there that will monitor web traffic and allow you to block sites at will. Do a little research, and you will find options a plenty.

    LVL 7

    Expert Comment

    ISA Proxy is a good start.

    If your company wants a true IPS and the ability to block users from accessing certain sites and services think

    Another option is to use a product like LanDesk security suite. There are good rules and policy setting features there.

    It depends on how crazy they want to get with money.


    Author Comment


    all these solutions seem good, but they do alot more than i need.

    company wouldnt have any problem spending around $1500 on the software, but all i really need is to block certian websites, and ports over the network.

    as far ISA is looking decent though like i said, it does way more than i want
    LVL 2

    Expert Comment

    Do you have any routers or firewalls in your organization?

    You can create a few simple access-lists to block ports and websites. And it's free. =)
    LVL 18

    Assisted Solution

    Or you could look for something like WinProxy ( . But yeah, it's a pain in the neck that companies love tying together their products... makes it a little harder for you to put together a best of breed or a "best for me" package.

    If you want something more hardware related, but I know couldn't be that cheap (or they wouldn't make money) would be a PacketShaper from Packeteer (
    LVL 1

    Assisted Solution

    Well I'm a Netware shop myself, but the product we use for blocking which is pretty effective is SurfControl ( It comes with a predefined database of sites that updates every day and you can add your own if you find that folks are getting around the monitor. It does require that you run your proxy though.

    If you aren't doing that then you might want to look at getting Vericept ( Some other schools with more money have gone for that and are very happy with it.

    I'd be interesting in finding your network traffic monitor as I'm looking for a good one for cheap as well.

    Good luck.

    LVL 8

    Expert Comment

    Get a firewall no matter is it hardware or software firewall, it does matter
    that you have one, so you can create a policies for the incoming/outgoing
    packets. I recommend that you install a software firewall on a gateway
    machine (the machine everybody is using to access the internet). You can
    find out that doing "ipconfig" in a DOS prompt on any client's machine.
    You'll get the result like this:

    Windows IP Configuration
    PPP adapter ADAPTERNAME:
            Connection-specific DNS Suffix  . :
            IP Address. . . . . . . . . . . . :
            Subnet Mask . . . . . . . . . . . :
            Default Gateway . . . . . . . . . :

    the line "Default Gateway . . . . . . . . . :" is the one you need.

    Also, you may find useful some network packets analyzers, like:



    which will help you when you have some sort of traffic that you cannot
    check/control under firewall, including all TCP/UDP/ICMP/etc. packets.
    LVL 18

    Expert Comment

    Is there a policy in place against inappropriate computer usage already? If not, you may want to look into that. That's the first thing... make sure the rules are in place to leave you open to monitoring and whatnot.

    But then with something like your filter or your packet analyzer, you can actually start figuring out WHO is doing it, then trace it back to them.
    LVL 7

    Assisted Solution

    This is a checklist of 10 ways to monitor what your users are doing with company computers.

    Registration is free too.

    The document is a pdf and has links to other free resources as well.
    LVL 2

    Assisted Solution

    If you have an old box lying around why not try downloading "clark connect" software.
    It has loads of functions, Firewall based on iptables, squid for proxy, dansguardian as content filter, snortsam for IDS.

    They have a free trial version or home version, but for a corporation you should purchase it if you like it as it is very reasonably priced.
    Extremely easy to use and configure

    Assisted Solution

    I would take a look at PRTG Traffic Grapher.

    This program comes complete with a packet sniffer which when setup will enable you to see where the main offenders are and what ports to block to stop them doing it.

    You could then buy a firewall/application layer or tie down there machines to prevent them doing this.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    Join & Write a Comment

    This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
    Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now